Find out if you have vulnerabilities that put you at risk

| SEVERITY | VULNERABILITY | AFFECTS | TYPE | PUBLISHED |
|---|---|---|---|---|
| H | Remote Code Execution (RCE) | diffy <3.4.1 | RubyGems | 24 Jun 2022 |
| H | Improper Encoding or Escaping of Output | motor-admin <0.2.61 | RubyGems | 22 Jun 2022 |
| L | Insecure Permissions | octopoller >=0.2.0, <0.3.0 | RubyGems | 16 Jun 2022 |
| M | Insufficiently Protected Credentials | mechanize <2.8.5 | RubyGems | 10 Jun 2022 |
| H | Deserialization of Untrusted Data | jmespath <1.6.1 | RubyGems | 7 Jun 2022 |
| M | Use of Uninitialized Resource | trilogy <2.1.1 | RubyGems | 7 Jun 2022 |
| M | Cross-site Scripting (XSS) | publify_core >=8.0, <9.2.5 | RubyGems | 6 Jun 2022 |
| L | Cross-site Request Forgery (CSRF) | solidus_backend <2.11.16; >=3.0.0, <3.0.6; >=3.1.0, <3.1.6 | RubyGems | 2 Jun 2022 |
| H | Denial of Service (DoS) | rack >=1.2, <2.0.9.1; >=2.1.0, <2.1.4.1; >=2.2.0, <2.2.3.1 | RubyGems | 28 May 2022 |
| C | Arbitrary Code Injection | rack <2.0.9.1; >=2.1.0, <2.1.4.1; >=2.2.0, <2.2.3.1 | RubyGems | 28 May 2022 |
| M | Improper Access Control | publify_core <9.2.9 | RubyGems | 24 May 2022 |
| M | Cross-site Scripting (XSS) | publify_core <9.2.9 | RubyGems | 24 May 2022 |
| H | Improper Handling of Unexpected Data Type | nokogiri <1.13.6-aarch64-linux | RubyGems | 20 May 2022 |
| H | Inadequate Encryption Strength | random_password_generator >=0.0.0 | RubyGems | 18 May 2022 |
| M | Cross-site Scripting (XSS) | publify_core <9.2.8 | RubyGems | 17 May 2022 |
| L | Information Exposure | publify_core <9.2.8 | RubyGems | 17 May 2022 |
| L | Improper Access Control | publify_core <9.2.8 | RubyGems | 17 May 2022 |
| M | CSV Injection | csv-safe <3.0.0 | RubyGems | 2 May 2022 |
| H | Improper Input Validation | sinatra <2.2.0 | RubyGems | 2 May 2022 |
| M | Cross-site Scripting (XSS) | actionview <5.2.7.1; >=6.0.0.beta1, <6.0.4.8; >=6.1.0.rc1, <6.1.5.1; >=7.0.0.alpha1, <7.0.2.4 | RubyGems | 27 Apr 2022 |
| M | Cross-site Scripting (XSS) | actionpack >=5.2.0, <5.2.7.1; >=6.0.0.beta1, <6.0.4.8; >=6.1.0.rc1, <6.1.5.1; >=7.0.0.alpha1, <7.0.2.4 | RubyGems | 27 Apr 2022 |
| M | Server-side Request Forgery (SSRF) | gibbon <3.4.4 | RubyGems | 25 Apr 2022 |
| M | SQL Injection | blazer <2.6.0 | RubyGems | 21 Apr 2022 |
| H | Command Injection | git <1.11.0 | RubyGems | 19 Apr 2022 |
| H | Out-of-bounds Write | nokogiri <1.13.4 | RubyGems | 12 Apr 2022 |
| H | Regular Expression Denial of Service (ReDoS) | nokogiri <1.13.4 | RubyGems | 12 Apr 2022 |
| H | Denial of Service (DoS) | nokogiri <1.13.4-aarch64-linux | RubyGems | 12 Apr 2022 |
| M | Time-Based One-Time Password (TOTP) Reuse | devise-two-factor <4.0.2 | RubyGems | 10 Apr 2022 |
| M | Denial of Service (DoS) | yajl-ruby <1.4.2 | RubyGems | 6 Apr 2022 |
| H | Command Injection | cocoapods-downloader <1.6.0; >=1.6.2, <1.6.3 | RubyGems | 1 Apr 2022 |